Hi All,
I've run into an issue on CF9 Enterprise 64 bit on Windows (7/2003/2008)
with using client authentication when invoking a java component.
Background:
We are attempting to implement 3D Secure (Verified By Visa) on the
Barclay's EPDQ system using the Arcot SDK. We have this working using the
COM api on windows 32 bit but our shiny new servers running Windows 2008
doesn't support COM. I've attempted to use .NET thinking that it should be
a fairly straight swap between the COM and .NET systems but was I wrong.
The Java SDK requires you to pass in 3 SSL files. A CA certificate, a
client certificate and a client key file. The following code illustrates
the call from ColdFusion to the SDK:
var serverInfo = createObject("java",
"com.arcot.xfms.XFMS_Java_API$ServerInfo").init(
VARIABLES.clientOptions.host,
VARIABLES.clientOptions.port,
VARIABLES.clientOptions.transport,
30, 5, 8, 4,
VARIABLES.clientOptions.TrustedCACertFile,
VARIABLES.clientOptions.ClientCertFile,
VARIABLES.clientOptions.ClientKeyFile);
This returns an error: Cannot get key bytes, not PKCS#8 encoded. If,
however, I wrap this in a java class and execute from command line it works
just fine. It just refuses to work when called from ColdFusion.
Attempted Fixes:
1. I've imported the certificates into every keystore on the server!
2. Created a jks keystore that includes the CA, Client Certificate and
Client Key file and passed that in
3. Created a wrapper class in java that then instantiates and calls the SDK
- this again works from command line but not from CF
4. Updated the JRE to Java6 R35 and tested both the command line and CF
versions, pure java works, CF doesn't
5. Enabled SSL between JRUN and Apache (in dev environment) and still
nothing
6. Contacted Barclays and Arcot and the official position is they neither
officially support 64 bit Windows (which is INSANE!) or ColdFusion and
can't really offer much advice. They suggested that it could be a problem
with access the SDK from Coldfusion but I've moved the SDK to the same
directory as the web root and still nothing.
Has anyone had any experience with this? Any thoughts, suggestions,
criticisms? I can provide more code if necessary.
Thanks very much.
Best Regards,
Donnie Bachan
"Nitendo Vinces - By Striving You Shall Conquer"
======================================================================
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from any
computer.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352799
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
